May 3, 2013 at 2:12 pm
Oh good grief, just have the issuing authority PKI sign the fingerprint image files and set up an authentication server with good failover characteristics. Use open source software so that anyone can implement an authentication gateway. It would be convenient to have only one authority, so the feds should do it. To keep the BIG BROTHER!!! freakers happy, make the whole thing an opt-in, finance the thing with fees to the adopters, and then let the adopters breeze through airport security. Done done and done. As for the people who don't *believe* in *fingerprint technology*, please stay out of my data center.
May 3, 2013 at 7:34 pm
GeorgeCopeland (5/3/2013)
Oh good grief, just have the issuing authority PKI sign the fingerprint image files and set up an authentication server with good failover characteristics. Use open source software so that anyone can implement an authentication gateway. It would be convenient to have only one authority, so the feds should do it. To keep the BIG BROTHER!!! freakers happy, make the whole thing an opt-in, finance the thing with fees to the adopters, and then let the adopters breeze through airport security. Done done and done. As for the people who don't *believe* in *fingerprint technology*, please stay out of my data center.
Yes, I'll gladly stay out of your data center; and hope that the various organisations I deal with who hold data that I need to be secure also keep out of it. because I have reason to believe it's pretty insecure - it apparently relies on a security technology that is well known to be broken.
Please don't try to impose your concepts of security on those of us who have some understanding of security and would be appalled at anyone as incompetent (and arrogantly willing to lie about their failures) as your feds or their equivalents in Europe, Asia, South Americs, and the Pacific - the fact that you think letting the feds control it is a pretty good indicator that your idea of security will be pretty insecure.
And your use of the phrase "big brother freakers" tends to suggest a preference for totalitarian forms of government and a dislike of those who believe in any degree of personal liberty. I guess we will have to get used to hearing from suopporters of that ideology these days, it's becoming rather rife.
Tom
May 6, 2013 at 12:47 pm
Changing the under lying data in the database is a risk in all security systems. If someone goes to your login info and copy their credentials/password/fingerprint/ etc info into the record being verified against, they can pretend to be you.
One plus side with fingerprints, is after the fact, you have the Fingerprint info of the person that pretended to be you. Unless they can go in and change that back to your fingerprint info. However if someone can get that deep into a security system and do that twice , there's a whole other host of problems.
My favorite phrase for this one is "Computers make very fast and accurate mistakes" In the end they can only verify the data supplied against the data stored, it gets logistically complicated to verify that the data presented to is is authentic in origin. The data stored on the other hand, it should be possible to do checksums, review changelogs, or other redundancies to prevent tampering.
A more subtle and but very comparable issue is criminal forensics. They find a blood, hair, etc sample, and get a match, and that becomes the primary suspect. That person better have a good defense regardless of their involvement. This I find scarier, as there are alot more unknown variables that get assumed and at times it can be harder to disprove. If that evidence was a planted, the suspect possibly has a motive, and no good alibi... good luck on the defense
As for people putting to much faith in technology, ever since I read articles like this (http://www.switched.com/2009/03/25/man-follows-gps-to-the-edge-of-a-cliff/) I have been convinced of this problem. There's a cliff right there in front of you, the computer says GO! (who do you trust your eyes or the computer?)
Viewing 3 posts - 31 through 32 (of 32 total)
You must be logged in to reply to this topic. Login to reply